690b88ace62e67e52d450f01e841b35390e3cbe4e4e180752df57ecf713adec3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

690b88ace62e67e52d450f01e841b35390e3cbe4e4e180752df57ecf713adec3
Size

4.0MB
MD5

52a8c6c2c1bfcf4392f307b04229efc3
SHA1

5b32089953b3b1f7f318b59692a234e43da21de9
SHA256

690b88ace62e67e52d450f01e841b35390e3cbe4e4e180752df57ecf713adec3
SHA512

7c10959142986ce780753763190773939b01225cacbf80b2f9a5562a6e2325f7330593d8d797d47976d67441f718678ef66b181b34b299a0c01ba6f80018b3b2
SSDEEP

49152:j4CYPdEG+BlF/tJWJf/nJhOSMnbj35tCvBvgrxTezagdfB1l8k6PvmkL4D+xKdbG:XYHGzeJZsSMnbCvMVSnl8k6Pv9kDrg

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

690b88ace62e67e52d450f01e841b35390e3cbe4e4e180752df57ecf713adec3
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 380KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RUPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE